Tags » XSS

Stored Cross Site Scripting

Stored Cross Site Scripting

Content will be added soon


Concrete Multiple XSS

While I was playing around with Concrete CMS, I wanted to know how this application shows us a hyperlink to the “Back” button. I found something interesting in the “download_file.php” file. 903 more words

Security threat - Broken authentication & session management

Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities. 420 more words


Security Threat - Cross-site scripting (XSS)

Cross-site scripting (XSS) is when an application sends untrusted data to the web browser than can be interpreted as a piece of code. This way, attackers can execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. 425 more words


Cross Site Scripting Attacks (XSS)

An XSS attack is one of the top most tried out attacks on a PHP enabled system and your PHP script may not be immune. 396 more words


Gotham Security Daily Threat Alerts

June 12, The Register – (International) Sealed with an XSS: I gave TweetDeck a heart attack, says teen comp sci boff Firo. A computer science student who identified a basic cross-site scripting (XSS) flaw in Twitter’s TweetDeck client stated that the vulnerability was spotted while experimenting with the HTML heart-symbol character. 221 more words


Twitter jumps to block XSS worm in Tweetdeck

The Twitters were a twitting this morning over a newly discovered cross-site scripting (XSS) flaw in the popular Tweetdeck software owned by Twitter itself.

What is cross-site scripting? 284 more words